﻿<!-- #include file="include/md5.asp" -->
<!--#include file="include/config.asp"-->
<!--#include file="include/conn_f.asp"-->
<!--#include file="ipcountry/ipcountry.asp" -->
<!--#include file="top.asp"-->
<!--#include file="left.asp"-->
<%
If Session("cust_id")<>"" Then
	total_amount=left(request("amount"),10)

	cust_id=Session("cust_id")

	IP=Request.ServerVariables("HTTP_X_FORWARDED_FOR")
	If IP="" Then
		IP=Request.ServerVariables("remote_addr")
	End If
	ip_address=split(IP,",",-1,1)
	If UBound(ip_address)>-1 and len(ip_address(0))>7 Then
		ipcountry=IP2Country(ip_address(0))
	Else
		ipcountry="CN"
	End If
	
	If total_amount<0 Then
		Response.Write "非法"
		Response.End
	End If

	
	sql="select balance,buytimes,VIP,isactive from customer where cust_id="&cust_id
	Set rs=conn.execute(sql)
	Dim balance
	balance=0
	If Not rs.eof Then
		balance=ccur(rs("balance"))
		ISVIP=cint(rs("VIP"))
		isactive=cint(rs("isactive"))
	End If
	rs.close

	sql="insert into orders(cust_id,goods_type,card_1,total_amount,order_time,IP,ipcountry) values("&cust_id&",5,2,"&total_amount&",now(),'"&IP&"','"&ipcountry&"')"
	conn.execute sql

	sql="select LAST_INSERT_ID() from orders"
	Set rs=conn.execute(sql)
	orders_id=rs(0)

	sql="insert into orders_detail(orders_id,goods_type,amount) values("&orders_id&",5,"&total_amount&")"
	conn.execute sql

	Response.Redirect "ckout.asp?orders_id="&orders_id

Else
	Response.Write "请先登录网站!"
End If
%>
<!--#include file="bottom.asp"-->
